Monitoring WordPress using syslog and OSSEC

This has got to be one of the unconventional (yet interesting) ideas I’ve come across.

It involves the use of a plugin (currently maintained at OSSEC) to get WordPress to send syslog events for OSSEC to parse. It is a good idea since it is good to monitor any web applications running for anomalies, but WordPress doesn’t seem to provide any kind of audit logging.

Looking at its capabilities, the first use for this that comes to mind is to monitor sites that run WordPress with multiple user logons. As for those with insufficient access to your web server (you’re on a shared webhost), you’re probably better off using the tips given at wpbeginner.

I won’t know yet, but perhaps I’ll have a better idea on what it is good for after I try it out.

Do YOU use OSSEC to monitor your WordPress installations? Any comments on it?